The Corona Pandemic Lesson to Global Cybersecurity

What the cybercrime, cyberwarfare and cyberterrorism have in common
with the corona pandemic? At least one thing: all of them are global threats
that cannot be fought individually but cooperatively.

The Coronavirus is hitting hard on the world’s economy,
creating a high volume of uncertainty within organisations. Cynet has revealed new data, showing that the
Coronavirus also has a significant impact on cybersecurity and that the crisis
is actively exploited by threat actors.

The coronavirus related cybersecurity threats are globally spreading
as fast as the pandemic does. However, the experience in fighting the
coronavirus pandemic teaches us that global threats can be won only by cooperation
– not by minding only self-interest.

While many countries are still confused and trying to fight
the pandemic by distancing themselves from the rest of the world – by even
refusing to sell medical equipment to more endangered nations – others are
doing quite opposite.

China and Russia are current examples of solidarity and cooperation.
By helping the pandemic ravaged Italy and some other countries (e.g. Serbia), they
are not just fighting pandemic but also building trust.

And that is what we all should do in the international cybersecurity
arena. Otherwise, we will soon hit global cybercrime (we are almost there),
cyberwar or cyberterrorism pandemic. Building trust and cooperation are the key
actions for fighting any pandemic – be it medical or the cyber hostility related.
It is, unfortunately not the case in this still sharply divided world.

Current international cybersecurity (non)cooperation

It seems that countries are working hard on cyber treaties
and other measures to improve cybersecurity cooperation. The global community
increasingly recognises a need to negotiate cybercrime, cyberwarfare and
cyberterrorism treaties.

However, developing and accepting universal rules, or laws
governing the conduct of cyberspace, still presents a very challenging problem.
Generally, this problem is entrenched in the definition of sovereignty, legal
systems and societal norms, resulting in the current
absence of any globally accepted cybersecurity treaty.

The 2001 Council of Europe Convention on Cybercrime
(Budapest Convention) entered into force in 2004 but many years later, it has
not been signed and ratified by several key CEO member states such as Russia
and Turkey. Several on-Council of Europe member states, including Australia,
Japan, and the United States, however, ratified it. In summary, only 42 of the
193 member states of the United Nations agreed to this convention.

Russian initiative, a draft resolution the ‘Developments in
the field of information and telecommunications in the context of international
security’ was tabled at UN in 2001. Later the same year, Russia proposed the
establishment of the UN Group of Governmental Experts (UN GGE). The group was
tasked to review potential and existing threats to information security,
examine possible ways of cooperation between the UN member states, and perform
a study of international information security issues.

At the first GGE meeting, convened in 2004, Russia, China
and Brazil had called for state sovereignty over information security. The US
had opposed such calls for state control of information, considering the move
to be political, culturally and socially disruptive.

A few years later, the GGE 2009 report endorsed dialogues on
norms for states’ use of ICT to reduce risk and protect critical
infrastructure. It also recommended risk
reduction methods, including the use of ICT during the conflict.

It is at this time that other countries, including China and
South Africa, became increasingly aligned with Russia, consistently arguing
that the Budapest Convention is outdated.

Fast forward, in December 2019, the United Nations Assembly
met to vote on a Russian-led resolution on cybercrime that suggests the establishment
of a committee of experts to consider a new UN cybercrime treaty.

This resolution reflects Russia’s and some BRICS countries’
(including South Africa) long-standing goal to replace the Council of Europe’s
Budapest Convention, which is the only international instrument addressing this
issue but considered already obsolete.

The final vote showed that 79 countries agreed with the
resolution while 60 nation-states, aligned with the US, opposed it. Some 33
countries abstained. The vote was largely along the same ‘traditional’
political dividing lines.

The bottom line: we are still struggling to develop, adopt
and apply the cybersecurity confidence-building measures, which should have a
trust as the rock-solid foundation.

Preventing cyber hostility pandemic

The ICT4Peace Foundation from Geneva explains
that the “objective of confidence-building measures (CBMs) in recent history
and relation to conventional threats has been to prevent the outbreak of war
and escalation in a crisis, increase trust, enhance early warning and
predictability, and modify and transform or improve relations between states”.

The same source proclaims that: “There is general agreement
that CBMs for responding to international cybersecurity issues are useful and
necessary, that they are timely and that they should be a priority area for the
international community”.

The building CBM is generally based on three kinds of
cooperation between:

Like-minded states where there is already an
established level of trust and cooperation.

States that already have dialogue channels (e.g.
US and Russia or China, UK and China) but where trust stands on rather shaky
foundations.

States where there are limited if any dialogue
channels and no trust between parties.

We are currently the most concerned with the cooperation of
the ‘cybersecurity heavyweights’, which trust still stands on pretty shaky
foundations. Hence, trust appears as
a keyword in the international cooperation in general and in the cybersecurity
arena, in particular.

However, the fundamental problem in the cyber domain is that
there is very little trust in the information exchanged. The inner trust is
still lacking among countries as the nations are blaming each other for
activities that they have engaged in.

With the cyber capabilities heavyweights, it seems that mutual
distrust is based on past conflicts among nations (e.g. Cold War). The problem
of attribution and monitoring in the cyberspace also makes trust building difficult.

There are also other negatively contributing factors to the
consensus-building but it goes beyond the scope of this article. It is,
however, worth of noting that even if it seems that building trust among the
most powerful countries is still ‘mission impossible’, it will be important to
carry on advocating for the global cybersecurity treaty.

The ICT4Peace Foundationfirmly supporters “Establishing voluntary ‘communities of responsible
states’ that could develop active approaches to enhancing international ICT
stability including by refraining from engaging in activities they agree are inherently
destabilising or by promoting practices that enhance trust and stability.

Verification measures are critical to building trust among
adversaries. This can, for example, be done through monitoring either
bilaterally or through trusted international organisations, such as the UN or
the OSCE”.

Increased trust among the most powerful counters can lead to
a global cybersecurity treaty. In a manner in which the international
humanitarian laws (e.g. the Geneva Convention) limit the effects of armed
conflict, a global cybersecurity treaty can limit the effects of cyberwar and cyberterrorism
as well as facilitate the fight against cybercrime.

Not reaching a global cybersecurity treaty will only lead to
another pandemic called the ‘cyber-threats wildfire’.